Elliptic Curve Cryptography

*Alana and Tamarr helped the group work through the problem set but were unfortunately unable to attend camp during the blog writing.

For years, people have been trying to find a way to send secret messages. This may have been easy to do in the ancient times of the Roman Empire, where you could write a message, and then hand-deliver it to your recipient. This way, you could be certain that nobody else could intercept it. However, this becomes a lot more difficult in today’s online tech-driven world. People no longer hand-deliver letters; rather, we email or text our friends. So how do we make sure that nobody else can intercept your text message as it travels the internet before finally landing on your friend’s cell-phone? The answer is found in cryptography, a technology that is becoming more and more important in today’s world. Today, we are going to focus on one particular form of cryptography: elliptic curve cryptography.

Elliptic curve cryptography has its foundations in a type of math called modular arithmetic. When you first learned how to divide, you probably learned that 7/3 = 2 R 1. In modular arithmetic, you would write your answer as 7 ≡ 1 mod 3. If we take another number, such as 16, and divide it by three, we get 16 ≡ 1 mod 3, because when it is divided by three, 16 has a remainder of 1. This makes 16 and 7 equal in mod 3, with can also be written as ℤ3. ℤ3 is the set of remainders when a number is divided by three. Every number can be written as either [0], [1], or [2]. As 16 and 7 both have a remainder of 1, they can both be written as [1]. Numbers greater than 2 can be simplified by dividing by three. For example, [12] = [0] because the remainder is 0 when 12 is divided by 3.

An elliptic curve is a curve of the equation y^2 = x^3+ax+b that is drawn over a finite field, Fp. Fp contains all the elements of the group ℤp, and thus follows modular arithmetic. To find the points on an elliptic curve, we first must square all of the numbers in ℤp, next we plug the numbers into x^3+ax+b, anything that does not produce a perfect square does not fall in the domain of the curve. The y values are then solved for.

Example of an Elliptic Curve:

In elliptic curve cryptography, every point on an elliptic curve is given a letter. This is public information. There is also a point that is made public in the group, we will call this point B. So how does elliptic curve cryptography work? Let’s suppose you are emailing your friend. You start by choosing a number between 0 and p; let’s call it a. Your friend will do the same thing; let’s call her number b. You will then use point addition to compute aB. Your friend will compute bB. Now, you will exchange your numbers publically. You are given bB, which you will multiply by a, leaving you with abB. Your friend will multiply aB by b. Now you both have abB. This is your private key, which we will call P. To encrypt your message, you will add P to every point corresponding to the letter that you want to send. Your friend will then subtract P, leaving them with your original message!

The important problem that keeps hackers from finding your numbers, a or b, and thus decrypting your message, is the backbone of elliptic curve cryptography; it is called the discrete log problem. A logarithm writes ab= c in the form of logac = b; essentially, logarithms solve for an exponent. The discrete log problem requires that b be an integer in Fp, this is extremely hard for computers to solve.

Elliptic curve cryptography is just the tip of the iceberg in the exciting world of cryptography, encryption, and code-breaking. It has been a vital tool used in the past and has become increasingly important today. With the rise of new technologies, such as quantum computing, there could come a time when elliptic curve cryptography will no longer work. Cryptographers will have to look to a new algorithm to encrypt our data. But that’s many years into the future, for now, you can rest assured that your data is safe.